
王子文 Azure授权登录

wangggziwen 2 years ago
parent
commit
7f49dae463

+ 30 - 4
master/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java

@@ -1,7 +1,18 @@
 package com.ruoyi.project.system.controller;
 
+import java.nio.charset.StandardCharsets;
+import java.security.*;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
 import java.util.*;
 
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.project.system.service.ISysUserService;
+import io.jsonwebtoken.*;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.core.ParameterizedTypeReference;
 import org.springframework.http.*;
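Review bot: The crypto and JWT imports added at the top (`java.security.*`, the `java.security.cert`/`spec` classes, `StandardCharsets`, `io.jsonwebtoken.*`) are not used by any line this commit adds, because the id_token parsing in `getAzureAccessToken` is still a TODO. `SecurityUtils` is likewise unreferenced in the added code. I would leave them out until the verification code lands, and then import the specific classes instead of `java.security.*` and `io.jsonwebtoken.*`, so a reader can see which key and parser types the token validation depends on.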
@@ -25,6 +36,8 @@ import com.ruoyi.project.system.domain.SysUser;
 import com.ruoyi.project.system.service.ISysMenuService;
 import org.springframework.web.client.RestTemplate;
 
+import static sun.security.x509.X509CertImpl.PUBLIC_KEY;
+
 /**
  * 登录验证
  *
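Review bot: `import static sun.security.x509.X509CertImpl.PUBLIC_KEY;` pulls in a JDK-internal class that is not a supported API and is not exported by `java.base` on modular JDKs, so the controller may stop compiling on a newer runtime. Nothing in the added code references `PUBLIC_KEY`, so this looks like an IDE auto-import and the line can simply be removed. If a constant with that name is needed later for the id_token check, declare it in the project rather than borrowing it from `sun.*`.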
@@ -46,6 +59,9 @@ public class SysLoginController {
     //    @Resource // 可优化,注册一个 RestTemplate Bean,然后注入
     private final RestTemplate restTemplate = new RestTemplate();
 
+    @Autowired
+    private ISysUserService userService;
+
     /**
      * 登录方法
      *
@@ -146,6 +162,7 @@ public class SysLoginController {
     @PostMapping("/getAzureAccessToken")
     public AjaxResult getAzureAccessToken(@RequestBody LoginBody loginBody) {
         AjaxResult ajax = AjaxResult.success();
+
         // 生成令牌
         String code = loginBody.getCode();
 
@@ -158,13 +175,19 @@ public class SysLoginController {
         MultiValueMap<String, String> body = new LinkedMultiValueMap<>();
         body.put("code", new LinkedList<String>(){{ add(code); }});
         body.put("grant_type", new LinkedList<String>(){{ add("authorization_code"); }});
+        // TODO: 修改client_secret
         body.put("client_secret", new LinkedList<String>(){{ add("FdR8Q~hmMJsJtJzPhDntTMwRv2WKD6dEhpSKraqk"); }});
+        // TODO: 修改client_id
         body.put("client_id", new LinkedList<String>(){{ add("3db6f125-db4d-456b-a76e-a6d03182e845"); }});
         body.put("redirect_uri", new LinkedList<String>(){{ add("http://localhost/cpms/index.html"); }});
+        // TODO: 修改scope
+        // scope=profile openid offline_access
         body.put("scope", new LinkedList<String>(){{ add("api://3db6f125-db4d-456b-a76e-a6d03182e845/User.Read"); }});
 
         // 2. 执行请求
         ResponseEntity<AjaxResult> exchange = restTemplate.exchange(
+                // TODO: 修改token请求链接
+                // https://login.microsoftonline.com/ecaa386b-c8df-4ce0-ad01-740cbdb5ba55/oauth2/v2.0/token
                 "https://login.microsoftonline.com/7503e40a-97ec-4eb9-bf6d-2836e57e882d/oauth2/v2.0/token",
                 HttpMethod.POST,
                 new HttpEntity<>(body, headers),
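Review bot: The `// TODO: 修改client_secret` comment marks the value for replacement, but the Azure client secret stays as a string literal in `getAzureAccessToken`, so it is readable by anyone with repository access and remains in history after it is edited. Inject it from configuration instead, for example a field `@Value("${azure.client-secret}") private String clientSecret;` (the property name is a placeholder) used as `body.add("client_secret", clientSecret);`, and rotate the committed secret in the app registration. The same applies to the tenant id in the token URL, `client_id`, `scope` and the `http://localhost` `redirect_uri`, which the TODOs already say will differ per environment. `MultiValueMap.add` would also replace the double-brace `new LinkedList<String>(){{ ... }}` initialisers, each of which creates an anonymous subclass. The method starts before this hunk and the `exchange` call continues past it.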
@@ -172,11 +195,14 @@ public class SysLoginController {
 
         Assert.isTrue(exchange.getStatusCode().is2xxSuccessful(), "响应必须是 200 成功");
         ajax = exchange.getBody();
-        System.out.println(ajax.toString());
-        ajax.get("access_token");
-        //进行jwt解析
 
-        //系统登录 获取系统token
+        // TODO: 进行jwt解析
+        // ajax对象取id_token
+        // String id_token = ajax.get("id_token").toString();
+        // 解析id_token 获取cn字段(用户名)
+
+        // TODO: 系统登录 获取系统token
+        String cn = "ZHANGL49";
 
         return ajax;
     }
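Review bot: `String cn = "ZHANGL49";` hard-codes one account name as the Azure user, and if the pending "系统登录" step is wired to this variable every Azure sign-in would be logged in as that account. I would remove the line and derive the name only from an id_token whose signature has been verified against the tenant's published signing keys, and whose `iss`, `aud` and `exp` have been checked, before the `cn` claim is trusted. `exchange.getBody()` can be null on an empty response, so a check such as `Assert.notNull(ajax, "token response body is empty");` (message text is a suggestion) belongs before it is read. The method still returns `ajax`, which is the raw token response from Azure, to the browser; once the system token is issued the response should carry only that. The method begins in an earlier hunk.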

+ 2 - 1
ui/src/views/azureLogin.vue

@@ -33,7 +33,8 @@ export default {
   methods: {
     getAzureAccessToken(){
       getAzureAccessToken(this.code).then(response => {
-        this.msgSuccess(this.$t('成功'));
+        this.msgSuccess(this.$t('Azure登录成功'));
+        // TODO: Azure登录回调处理
       });
     }
   }

+ 8 - 2
ui/src/views/login.vue

@@ -125,13 +125,15 @@ export default {
     }
   },
   created() {
-    console.log(window.location)
+    // Azure登录跳转
     let code = window.location.search.replace("?code=" , '');
     if (code) {
+      // authorization_code
       code = code.substring(0, code.indexOf("&"));
-      console.log(code)
+      // redirect_url
       window.location.href = '#/azureLogin?code='+code;
     }
+
     this.getCode();
     this.getCookie();
     if (!this.$store.getters.language) {
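Review bot: The callback parsing in `created()` treats any non-empty query string as an authorization code, because `search.replace("?code=" , '')` returns the string unchanged when it does not start with `?code=`, and `substring(0, code.indexOf("&"))` yields an empty string when no `&` follows the code. Reading the parameter explicitly avoids both cases: `const code = new URLSearchParams(window.location.search).get('code');` followed by `window.location.href = '#/azureLogin?code=' + encodeURIComponent(code);` inside the `if (code)`. The added comments label the steps but leave this logic as it was. `created()` continues past the end of the hunk.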
@@ -187,6 +189,10 @@ export default {
     },
     /** Azure登录 */
     doAzureLogin() {
+      // TODO: 1. 修改authorize请求链接、2. 修改client_id、3. 修改scope
+      // 1. https://login.microsoftonline.com/ecaa386b-c8df-4ce0-ad01-740cbdb5ba55/oauth2/v2.0/authorize
+      // 2. client_id=?
+      // 3. scope=profile openid offline_access
       window.location.href = 'https://login.microsoftonline.com/7503e40a-97ec-4eb9-bf6d-2836e57e882d/oauth2/v2.0/authorize?client_id=3db6f125-db4d-456b-a76e-a6d03182e845&redirect_uri=http%3A%2F%2Flocalhost%2Fcpms%2Findex.html&scope=api://3db6f125-db4d-456b-a76e-a6d03182e845/User.Read&response_type=code';
     },
   }
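Review bot: The authorize URL built in `doAzureLogin` carries no `state` parameter, so the callback handling in `created()` has nothing to compare against and cannot tell a response to its own request from one started elsewhere (login CSRF). Generate a random value per attempt, keep it in `sessionStorage`, append it as `&state=...` here, and reject the callback when the returned `state` differs. The `scope` value is also appended unencoded while `redirect_uri` is encoded; passing both through `encodeURIComponent` keeps the query well-formed. The tenant and client ids that the TODO wants changed would be easier to switch if they were read from the build's environment config instead of being edited inside the string.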